lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <44C4FC76.7090004@utdallas.edu>
Date: Mon, 24 Jul 2006 11:59:34 -0500
From: Paul Schmehl <pauls@...allas.edu>
To: Alice Bryson <abryson@...efocus.com>
Cc: Full Disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Please help to spam abryson@...efocus.com.

Alice Bryson wrote:
> 2006/7/24, Valdis.Kletnieks@...edu <Valdis.Kletnieks@...edu>:
>> On Mon, 24 Jul 2006 15:58:13 +0800, Alice Bryson said:
>> >     I am collecting spam for research using the mailbox
>> > abryson@...efocus.com.
>>
>> Step one: Convince us you're really Alice Bryson and this isn't an
>> attempt to beseige Alice with spam....
>>
>>
> Yes, i am Alice, to prove that you can send an email with a long
> number to abryson@...efocus.com, and i will reply you that number, ok?
> 
What does that prove?

telnet mail.40networks.com 25
Trying 64.114.199.200...
Connected to mail.40networks.com.
Escape character is '^]'.
220 40networks.com ESMTP Sendmail 8.13.1/8.13.1; Mon, 24 Jul 2006 
09:45:17 -0700
EHLO utdallas.edu
250-40networks.com Hello utd59514.utdallas.edu [129.110.3.28], pleased 
to meet you
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP
MAIL FROM: testing@...allas.edu
250 2.1.0 testing@...allas.edu... Sender ok
RCPT TO: abryson@...efocus.com
250 2.1.5 abryson@...efocus.com... Recipient ok
QUIT
221 2.0.0 40networks.com closing connection
Connection closed by foreign host.

So the address is valid, but we still have no way of knowing if you are 
really Alice Bryson or if you're someone joejobbing Alice Bryson.  Do 
you have a digital ID?  If so, sign the response to this message.  Then 
we will know for sure that you are Alice (or that you stole her ID!)

-- 
Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (5268 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ